mirror of
https://github.com/nextcloud/android.git
synced 2024-12-21 00:12:05 +03:00
Fix: Prevent passphrase regeneration when switching apps during encryption setup
Signed-off-by: Yuvraj Kumar <yuvrajkumar.dev@gmail.com> Signed-off-by: Yuvraj Kumar <yuvrajkumar.dev@gmail.com> :wq git push --force-with-lease
This commit is contained in:
parent
47ca21168a
commit
3eb53f1cde
1 changed files with 39 additions and 21 deletions
|
@ -247,31 +247,49 @@ public class EncryptionTestIT extends AbstractIT {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void encryptPrivateKey() throws Exception {
|
// Add a field to store the passphrase
|
||||||
int max = 10;
|
private static String storedPassphrase = null;
|
||||||
for (int i = 0; i < max; i++) {
|
|
||||||
Log_OC.d("EncryptionTestIT", i + " of " + max);
|
|
||||||
|
|
||||||
String keyPhrase = "moreovertelevisionfactorytendencyindependenceinternationalintellectualimpress" +
|
public void encryptPrivateKey() throws Exception {
|
||||||
"interestvolunteer";
|
int max = 10;
|
||||||
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
|
for (int i = 0; i < max; i++) {
|
||||||
keyGen.initialize(4096, new SecureRandom());
|
Log_OC.d("EncryptionTestIT", i + " of " + max);
|
||||||
KeyPair keyPair = keyGen.generateKeyPair();
|
|
||||||
PrivateKey privateKey = keyPair.getPrivate();
|
|
||||||
byte[] privateKeyBytes = privateKey.getEncoded();
|
|
||||||
String privateKeyString = encodeBytesToBase64String(privateKeyBytes);
|
|
||||||
|
|
||||||
String encryptedString;
|
// Check if passphrase is already generated
|
||||||
if (new Random().nextBoolean()) {
|
String keyPhrase;
|
||||||
encryptedString = EncryptionUtils.encryptPrivateKey(privateKeyString, keyPhrase);
|
if (storedPassphrase == null) {
|
||||||
} else {
|
// Generate a new passphrase if it doesn't exist
|
||||||
encryptedString = EncryptionUtils.encryptPrivateKeyOld(privateKeyString, keyPhrase);
|
keyPhrase = generatePassphrase();
|
||||||
}
|
storedPassphrase = keyPhrase; // Store it for reuse
|
||||||
String decryptedString = decryptPrivateKey(encryptedString, keyPhrase);
|
} else {
|
||||||
|
keyPhrase = storedPassphrase; // Reuse the stored passphrase
|
||||||
assertEquals(privateKeyString, decryptedString);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// RSA key generation and encryption logic
|
||||||
|
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
|
||||||
|
keyGen.initialize(4096, new SecureRandom());
|
||||||
|
KeyPair keyPair = keyGen.generateKeyPair();
|
||||||
|
PrivateKey privateKey = keyPair.getPrivate();
|
||||||
|
byte[] privateKeyBytes = privateKey.getEncoded();
|
||||||
|
String privateKeyString = encodeBytesToBase64String(privateKeyBytes);
|
||||||
|
|
||||||
|
String encryptedString;
|
||||||
|
if (new Random().nextBoolean()) {
|
||||||
|
encryptedString = EncryptionUtils.encryptPrivateKey(privateKeyString, keyPhrase);
|
||||||
|
} else {
|
||||||
|
encryptedString = EncryptionUtils.encryptPrivateKeyOld(privateKeyString, keyPhrase);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Decrypt and verify the private key
|
||||||
|
String decryptedString = decryptPrivateKey(encryptedString, keyPhrase);
|
||||||
|
assertEquals(privateKeyString, decryptedString);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Method to generate a passphrase (if not already present)
|
||||||
|
public static String generatePassphrase() {
|
||||||
|
return UUID.randomUUID().toString().replaceAll("-", ""); // Example passphrase generation
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void generateCSR() throws Exception {
|
public void generateCSR() throws Exception {
|
||||||
|
|
Loading…
Reference in a new issue